{"id":72764,"date":"2026-05-19T19:50:53","date_gmt":"2026-05-19T19:50:53","guid":{"rendered":"https:\/\/crowdfundjunction.com\/blog\/echo-protocol-pauses-monad-bridge-after-admin-key-breach-sparks-816k-loss\/"},"modified":"2026-05-19T19:50:53","modified_gmt":"2026-05-19T19:50:53","slug":"echo-protocol-pauses-monad-bridge-after-admin-key-breach-sparks-816k-loss","status":"publish","type":"post","link":"https:\/\/crowdfundjunction.com\/blog\/echo-protocol-pauses-monad-bridge-after-admin-key-breach-sparks-816k-loss\/","title":{"rendered":"Echo Protocol Pauses Monad Bridge After Admin Key Breach Sparks $816K Loss"},"content":{"rendered":"<p><b>(Originally posted on : Bitcoin News )<\/b><br \/>\n<\/p>\n<div>\n<div class=\"@container mb-[25px] rounded-sm overflow-clip py-0.5 pr-0.5 pl-2.5 bg-success-100\">\n<div class=\"flex flex-col gap-m overflow-clip rounded-[6px] !bg-success-10 p-3 @[420px]:p-m\">\n<h2 class=\"m-0 flex items-center gap-s text-[19px] !text-[#1c1c1c] md:text-[20px]\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"16\" height=\"10\" viewbox=\"0 0 16 10\" fill=\"none\" class=\"shrink-0 text-success-100\" aria-hidden=\"true\"><path d=\"M1 1.5h14\" stroke=\"currentColor\" stroke-width=\"2.5\" stroke-linecap=\"round\"\/><path d=\"M1 8.5h10\" stroke=\"currentColor\" stroke-width=\"2.5\" stroke-linecap=\"round\"\/><\/svg><span>Key Takeaways<\/span><\/h2>\n<ul class=\"m-0 flex list-none flex-col gap-m pl-0\">\n<li class=\"m-0 flex items-start gap-s !text-[#434248]\"><span class=\"mt-2 size-2 shrink-0 rounded-full bg-success-100\" aria-hidden=\"true\"\/><span class=\"text-body\">On Monday, May 18, an admin key exploit hit Echo Protocol, leading to an $816,000 asset breach.<\/span><\/li>\n<li class=\"m-0 flex items-start gap-s !text-[#434248]\"><span class=\"mt-2 size-2 shrink-0 rounded-full bg-success-100\" aria-hidden=\"true\"\/><span class=\"text-body\">Low liquidity on Monad shielded the market, limiting actual losses from a fake $76.7 million eBTC mint.<\/span><\/li>\n<li class=\"m-0 flex items-start gap-s !text-[#434248]\"><span class=\"mt-2 size-2 shrink-0 rounded-full bg-success-100\" aria-hidden=\"true\"\/><span class=\"text-body\">Echo Protocol is now upgrading its bridge security and contract permission controls to stop future lapses.<\/span><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<h2> <span>Liquidity<\/span> Limits Prevent Massive Losses<\/h2>\n<p>Echo Protocol, a <span>decentralized finance<\/span> ( <span>DeFi<\/span>) platform focused on <span>bitcoin<\/span> <span>liquidity<\/span>, was hit by a security exploit on Monday, May 18, after an attacker compromised an administrative key to mint millions of dollars in unauthorized synthetic assets.<\/p>\n<p>The breach, which occurred on Echo Protocol\u2019s deployment within the Monad <span>blockchain<\/span> network, initially saw the hacker mint 1,000 eBTC tokens with an estimated value of $76.7 million. However, because the localized decentralized lending markets lacked the deep <span>liquidity<\/span> required to absorb or cash out the massive influx of fake tokens, the actual realized losses were limited to approximately $816,000.<\/p>\n<p>According to <a href=\"https:\/\/x.com\/PeckShieldAlert\/status\/2056519415211192670\" target=\"_blank\" rel=\"noopener noreferrer\">reports<\/a> from <span>blockchain<\/span> security firms Peckshield and Lookonchain, the attacker utilized the compromised administrative access to grant their own digital wallet minting privileges. After generating the 1,000 eBTC tokens, the hacker deposited 45 eBTC into the decentralized lending protocol Curvance to serve as collateral.<\/p>\n<p>Against that collateral, the attacker successfully borrowed 11.29 WBTC and then bridged those assets to the Ethereum network, swapped them for ether ( <span>ETH<\/span>), and funneled approximately 385 <span>ETH<\/span> into Tornado Cash.<\/p>\n<p>Echo Protocol confirmed the security incident via its official social media channels, stating that the <a href=\"https:\/\/news.bitcoin.com\/crypto-bridge-exploits-328-million-may-2026-peckshield\/\">bridge infrastructure<\/a> on Monad had been temporarily suspended to prevent further unauthorized activity.<\/p>\n<p>\u201cOur investigation indicates the issue originated from a compromised admin key affecting the Monad deployment,\u201d Echo Protocol said in a <a href=\"https:\/\/x.com\/EchoProtocol_\/status\/2056623150620873200?s=20\" target=\"_blank\" rel=\"noopener noreferrer\">statement<\/a>.<\/p>\n<p>Developers noted that the exploit stemmed from an operational and access-control failure regarding key management, rather than a flaw in the underlying <span>smart contract<\/span> code itself. The protocol team has since regained control of the administrative key and moved to contain the damage by burning the remaining 955 eBTC tokens that were left sitting unusable in the attacker\u2019s wallet.<\/p>\n<p>Keone Hon, co-founder of the Monad <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-a-blockchain\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">blockchain<\/a>, clarified that the network\u2019s core infrastructure remained entirely secure.<\/p>\n<p>\u201cMonad was not affected and continues to operate normally,\u201d Hon stated, adding that the issue was isolated strictly to the application and its bridge deployment.<\/p>\n<p>Curvance, the lending protocol where the hacker extracted the funds, also paused the affected eBTC market as a precautionary measure. Representatives for Curvance emphasized that its isolated market architecture successfully prevented the exploit from bleeding into other lending pools, reporting no signs that its own <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-a-smart-contract\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">smart contracts<\/a> were breached.<\/p>\n<p>The platform noted that its deployment on the Aptos network remains unaffected, as aBTC on Aptos and eBTC on Monad operate as entirely separate and non-interoperable assets.<\/p>\n<p>Echo Protocol stated that it is upgrading its <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-evm\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">Ethereum Virtual Machine<\/a> bridge contracts and tightening its permission control mechanisms to prevent future lapses. The incident marks the latest in a <a href=\"https:\/\/news.bitcoin.com\/thorchain-loses-nearly-11m-as-attackers-poison-vault-churn-process-across-4-chains\/\">string of administrative and infrastructure-related exploits<\/a> to impact the <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-defi-decentralized-finance\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">decentralized finance<\/a> sector this month.<\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/news.bitcoin.com\/echo-protocol-pauses-monad-bridge-after-admin-key-breach-sparks-816k-loss\/\">Source link <\/a><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Originally posted on : Bitcoin News ) Key Takeaways On Monday, May 18, an admin key exploit hit Echo Protocol, leading to an $816,000 asset breach. Low liquidity on Monad shielded the market, limiting actual losses from a fake $76.7 million eBTC mint. Echo Protocol is now upgrading its bridge security and contract permission controls [&hellip;]<\/p>\n","protected":false},"author":10,"featured_media":72765,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[32],"tags":[],"_links":{"self":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/72764"}],"collection":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/comments?post=72764"}],"version-history":[{"count":0,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/72764\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media\/72765"}],"wp:attachment":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media?parent=72764"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/categories?post=72764"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/tags?post=72764"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}